Articles Tagged “Security”
13 articles tagged “Security”, newest first.
-
Integrating Entra ID Authentication into WinForms/WPF Apps — A Practical Architecture with MSAL.NET and the WAM Broker
A practical, hands-on look at integrating Entra ID (formerly Azure AD) authentication into WinForms/WPF desktop apps: the public client mindset, where ROPC s...
-
What to Do Before Disposing of a Windows PC — A Practical Checklist for Data Erasure, Account Unlinking, and Backups
What to do before disposing of, transferring, selling, or returning a leased Windows PC — covering backups, data erasure, BitLocker, Microsoft accounts, OneD...
-
Handling Windows Impersonation Tokens Correctly — Borrowing Privileges per Thread and Reverting Safely
A practical guide to Windows impersonation tokens — access tokens, primary tokens, thread tokens, impersonation levels, RevertToSelf, and .NET's WindowsIdent...
-
Why Windows Became What It Is Today: The Evolution of Windows Through a Developer's Eyes
A look at the changes from Windows 95 to Windows 11 — not as a visual timeline, but from a Windows application developer's perspective: compatibility, stabil...
-
Why Windows Shows "Windows protected your PC"
Why your app triggers "Windows protected your PC": SmartScreen checks publisher reputation, not just signatures. Compare OV/EV certs, MSIX, and the Store.
-
Pseudo-Random vs. True Random Numbers - How Do You Actually Tell Them Apart?
Pseudo-random (PRNG) vs true random (TRNG): PRNGs are deterministic and seeded; TRNGs harvest physical entropy. How to tell them apart and when each fits.
-
Security Design for Auto-Update - Why HTTPS Alone Is Not Enough
We treat auto-update as a trust boundary and walk through signed metadata, client-side verification, key separation, rollback protection, and fail-closed des...
-
A Practical Procedure for Identifying the Scheme Behind a Hash String
When identifying the scheme behind a hash string left in logs or a DB, it helps to look at the prefix, separators, character set, and length, in that order. ...
-
How Windows DLL Name Resolution Works - Search Order and SxS
Where does LoadLibrary actually look? Walk through the Windows DLL search order, Known DLLs, API sets, and SxS manifests, and how to prevent DLL hijacking.
-
When Do You Actually Need Administrator Privileges on Windows? - UAC, Protected Areas, and How to Tell by Design
A practical look at when administrator privileges are required on Windows, from the perspectives of UAC, protected areas, services, drivers, and per-user/per...
-
How to Concretely Isolate "Only the Operations That Need Administrator Privileges" in a Windows App
A concrete walkthrough of keeping a Windows app UI at asInvoker while isolating only the administrator-privileged operations into a helper EXE, covering UAC,...
-
Storing Secrets in Windows Apps - Avoiding Plaintext Configuration with DPAPI
To avoid storing connection credentials and API tokens in plaintext configuration files in Windows apps, we walk through DPAPI / ProtectedData, the differenc...
-
A Minimum Security Checklist for Windows App Development
A checklist-style guide to the security basics for WPF / WinForms / WinUI / C++ / C# business apps: privileges, signing, updates, secrets, HTTPS, input valid...